Transcription

2 Introduction Developments in vehicle security over recent years have made it increasingly difficult for thieves to steal vehicles by conventional means and this has led to thieves using burglary and fraud, as well as more advanced methods of theft. This white paper has been prepared exclusively by SBD in order to alert the automotive industry to the increasing security threat posed by the use of electronic theft tools. The current situation Statistics show that on a global scale the number of vehicle thefts has been steadily declining over the past 10 years but in developed markets the latest data shows that reductions are beginning to slow and in some instances theft numbers are starting to rise again. There are huge new vehicle markets emerging in Brazil, Russia, India, and China (the BRIC group), and it is likely that the demand from these markets will be partially met using stolen vehicles. Thieves in these markets are learning from the knowledge and experience of criminals from overseas who have been stealing cars for many years. Advances in technology have made it difficult for thieves to steal modern cars through the use of low tech methods and equipment. As such, it is becoming increasingly popular for Organised Crime Groups (OCG) to utilise electronic theft tools to acquire vehicles. Electronic theft tools are designed to bypass on-board security systems either by imitating the coded signals sent from key transponders and radio frequency (RF) devices or by utilising OE key learning protocols to program keys. Despite the complexity of modern vehicles and the security systems built into their electronic architecture, there are still weaknesses that attack tool designers have been able to exploit. There is a common misconception, especially amongst insurers, that new cars cannot be stolen without the use of the original key. The reality is that although immobilisers have been responsible for the significant theft reduction in the markets where they are fitted, the availability of technical information and the expertise with which to identify system weaknesses means that a range of tools and methods are now widely available. Achieving advanced vehicle security does not necessarily mean expensive changes are necessary. Improvements can be made to existing systems. SBD believe that vehicle manufacturers and suppliers need to take steps to understand the current vulnerabilities that are being exploited in order to design more robust security systems to tackle the problems being faced by the increasing popularity and availability of electronic theft tools. SBD/SEC/2288 2

3 Types of Tools The tools that thieves are using to conduct electronic attacks can be divided into two main groups: Theft Tools These are tools that have been designed specifically to target and exploit the weaknesses in the vehicle s security systems in order to steal cars. They are often produced by the thieves themselves either by adapting replacement parts of the vehicle electronics to allow them to perform the functions that they require, or as an independent stand-alone system. Legitimate Tools These are tools that are designed for automotive locksmiths and security professionals to be used for diagnostic and maintenance applications. They are produced as an OEM tool by the vehicle manufacturer themselves, or as an aftermarket tool produced by a legitimate supplier. Despite some measures being taken to try to prevent the unauthorised use of these legitimate tools, it is apparent that thieves are still able to obtain and use them for criminal gain. Further precautions need to be taken to ensure that their use is limited to the professionals that require them during service operations. This can be achieved by making the tools more difficult to use, or by creating a more diverse and adaptable system that would reduce the number of vehicles that the tools were compatible with. The electronic theft tools being used by thieves host a variety of different functions. SBD have identified the main functions that can be harnessed by criminals during the process of stealing a vehicle: Key Programming This gives the user the ability to programme new Transponder, RF controls or Smart Keys to the vehicle immobiliser, locking and alarm systems. Connection to the vehicle can be achieved either through the OBD port or directly through the CAN-BUS or K-Line harness. Methods have been publicised for accessing CAN harness connections from outside the vehicle. This enables manipulation of the locking and alarm systems meaning that thieves do not have to force entry to the vehicle s interior before starting their procedure. Transponder Cloning Transponder cloning devices allow the user to identify, prepare, read, copy and write a range of transponders. The transponder holds the unique identity which is communicated with the immobiliser unit in the vehicle. It confirms that the correct key has been inserted into the ignition and allows the vehicle to be operated. Cloning of this device would allow a thief to replicate this communication with an alternative key and in the absence of the original key. Immobiliser Programming Software protection for immobiliser systems can be relatively low. Tools are available which allow for direct manipulation of the software to disable the immobiliser function or to allow replacement of an ECU with a prematched or virgin ECU and transponder set. SBD/SEC/2288 3

4 EEPROM programming Some manufacturer s systems are vulnerable to reading or re-writing of the EEPROM and some stored data. Using this method, PIN-code security protocols used for verification prior to programming can be overcome. The devices that perform these functions are connected either through the CAN-BUS or directly to the ECU, or to the memory IC itself and allow a thief to bypass the security checks needed by some maintenance devices. Relay Attack Relay attack tools have been designed to target the increasing number of vehicles that use Smart Key technology. A pair of devices are used to capture the signals emitted by the vehicle and Smart Key, and extend their range so that the key and vehicle believe that they are within the authorised operation range. In doing so, a thief is able to enter the vehicle and start the engine without having the original key and without alerting the owner of the vehicle. Relay attacks can typically operate over a range of 100 to 1,000 metres, depending on environmental conditions and the equipment used. For more information on relay attack, please refer to SBD report 2266: Relay Attacks A Real Threat to Smart Key Security? RF Code Grabbing Code grabbing tools also target the signal sent from the key fob to the vehicle. They enable the thief to record the signals sent from an RF key fob when the owner wishes to lock and unlock their vehicle. In doing so, these signals can be re-transmitted at a later time in order to gain access to the vehicle, without the need for the original key. This is a covert method which allows the thief to gain access to the vehicle without arousing any suspicion. The effectiveness of this tool is not limited to fixed code systems. Some rolling code and crypto code systems can also be compromised by grabbing tools. RF Blocking RF blocking is the deliberate interference of the communication between the RF key fob and the vehicle usually without the driver being aware that the vehicle has not responded in the normal way. This can be achieved by using equipment that generates an RF signal, such as an electronic doorbell or garage door opener, or a specially designed tool that emits a continuous transmission to target a signal of a specific frequency. This is a highly effective method of preventing a driver from locking their vehicle and setting the alarm and is used all over the world. Legal restrictions exist which identify the frequency that a vehicle key fob must operate under and so thieves can target this frequency and ensure that the signal is blocked. For more information on RF code grabbing and RF blocking, please refer to SBD report 2263: RF Interference and the Future for Vehicle Entry. SBD/SEC/2288 4

5 Despite the equipment described in this section being fairly advanced in its functionality, it would be a mistake to assume that the operation of these devices requires a high level of skill or expertise. Most of these devices require very little input from the user, with some requiring only to be connected to initiate the attack. They are simple to use and are highly effective, which makes them attractive to thieves. Availability The consumer market of the modern world is no longer constrained by the boundaries dividing countries. The internet has provided a complete catalogue of products that are available for purchase from almost any corner of the globe. Electronic tools developed in one country are readily available to any internet user via auction sites, specialist retailers, or discussion forums. SBD have found reports of electronic theft tools being used frequently throughout Europe (especially in Russia and Poland); throughout Asia (in China, Japan and Malaysia); and also in the USA. Many thieves operating in these areas are targeting high specification luxury vehicles to be sold for a large profit, as well as more common vehicles that are stolen to meet market demand. The origin of the design and manufacture of these tools is also widespread. There are numerous suppliers operating in Asia, Europe and the Middle East, each offering devices able to perform a multitude of functions. The sale of tools is not illegal, even those that clearly have no legitimate purpose. Although they may be illegal to use, there is no restriction on supply and a number of companies have been formed specifically to design and distribute electronic devices aimed at overcoming vehicle security systems. Cost The cost of the tools typically range between 1,000 to 6,000, with the most expensive of the tools being used by thieves reaching up to 30,000. This price tag will not be considered an issue by most of the thieves operating today, and represents a good investment for repeated theft of luxury models. Spending 6,000 on a tool that will enable the thief to steal a car worth 50,000 will give the potential for a very quick profit and at a comparatively low risk. It is unlikely that the purchase price of these tools will deter thieves because most will be operating within an organised crime group (OCG) and it is reasonable to assume that the purchase will be funded through other illegal operations. Once acquired, the tool can be distributed through their operating markets in order to gain a substantial return. SBD/SEC/2288 5

6 How has this happened and what needs to be done? The basic principles on which the design of vehicle security is based have remained relatively unchanged over recent years and this does not reflect the advances in technology that the automotive industry is experiencing in other sectors. As such, thieves are developing sophisticated methods of theft that surpass the level of technology evident in vehicle security systems. The majority of vehicle security systems appear to be designed to prevent authorised users from tampering with the vehicle in any intrusive way. Security protocols have been integrated to prohibit the programming of systems in the vehicle without permission from the vehicle manufacturer. Despite this, thieves are able to overcome these protocols and gain access to the vehicle s internal network via pre-programmed back doors. These back doors are often inserted by suppliers during development to allow for simple maintenance of the system, but can be easily manipulated by thieves once the system weakness has been identified. The capability of vehicle security systems has been compromised in recent years due to the advanced theft techniques being used by criminals and through the lack of awareness by some vehicle manufacturers in understanding the risks that are currently affecting their vehicle range. Traditional theft methods required door locks to be broken, alarm sirens to be silenced, and ignition locks to be physically removed taking time and causing noise. Without physical damage needing to be inflicted there are less immediate warning signs that there is a theft in progress. This lowers the risk of a thief being discovered attacking a vehicle and increases the opportunities available to them. SBD believe that more robust security systems need to be put in place in order to tackle the growing problems found in the use of electronic theft tools. Vehicle manufacturers and suppliers need to focus on improving a vehicle s susceptibility to attack by electronic means, especially considering the emerging markets where there is little legislation for security, but already a large amount of information and theft tools readily available to thieves. For more information regarding the theft methods being utilised by criminals in the modern world, please refer to SBD report 2196: Vehicle crime in the 21st century and the impact of electronic theft methods. Should you have further questions regarding the issues raised in this white paper, please feel free to contact SBD directly. Our in-house team of experts are well equipped to assist with your enquiries and can offer consultancy opportunities to allow us to work with you in the development of new solutions. SBD/SEC/2288 6

Thatcham Research The Insurers Automotive Research Centre 15 th October 2014 Mike Briggs- Vehicle Crime Research Manager Overview of Thatcham The Motor Insurance Research Centre Owned by the major UK Motor

Please print out and complete this form to reduce the risk of car theft happening to you. In Australia, seven in 10 late model vehicles are stolen by the thief gaining access to the vehicles keys or transponder.

STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of

WORKING IN PARTNERSHIP Lorry Crime Prevention Information for drivers on preventing road freight crime and illegal immigration Introduction This booklet has been produced for lorry drivers who transport

FAQs Why is Miri Radar Trackers a better security system than conventional car alarms? Miri Radar Trackers has all the standard features of: instant notification of alarm signals 24 hours a day, 7 days

We can help you to detect, and then prevent, many different types of Telephone Fraud More than 200 types of telecom fraud exist, and the methods of intrusion and theft of services are becoming ever-more

HOW TO PROTECT YOUR BUSINESS FROM VAN THEFT A guide for SMEs 1 CONTENTS Do you know which vehicle is the most frequently stolen in the UK? Are my vans at risk? Four minutes and it s gone-how thieves get

Is your business secure in a hosted world? Threats to the security of business data are constantly growing and evolving - What can you do ensure your data remains secure? Introduction The safe use of computer

Your Policy Booklet 2 Welcome to Keycare There when your keys aren t We all know that losing your keys, or having them stolen, is frustrating and upsetting. But now, as a Lloyds Bank Car Insurance Keycare

Secure Homes Report 2014 We advance safety and security by finding smarter ways to save lives, improve businesses and protect where people live and work. At ADT Security we have made it our business to

AVS A4 alarm Owner s manual Thank you for choosing an AVS A4 car security system. It has been designed to provide a superior level of security for you and your vehicle. Please read this guide carefully

RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

Stolen Vehicle Tracking automotive.vodafone.co.uk Vodafone Power to you Vodafone CobraTrak Stolen Vehicle Tracking and Monitoring Services The ultimate protection for your vehicle with European coverage

Vehicle Security System VSS3 - Alarm system remote System Setting Guide - English Dear Customer, In this guide you will find the information and operations necessary in order to activate and deactivate

A guide to access control for manufacturing sites What is access control? Access control provides the ability to control, monitor and restrict the movement of people, assets or vehicles, in, out and round

// CRIME IS LOW IN LANCASHIRE We want to work with you to keep it that way. This section contains tips on how you can help to prevent crime and avoid becoming a victim of crime. Click on the contents below

Containing Cargo Theft... With Satellite Technology author: Anu Sood, SkyWave Mobile Communications Cargo theft is an international phenomenon. While no definitive statistics are available as to how much

Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber

Data protection A practical guide to IT security Ideal for the small business The Data Protection Act states that appropriate technical and organisational measures shall be taken against unauthorised or

You wouldn t leave the door to your premises open at night. So why risk doing the same with your network? Most businesses know the importance of installing antivirus products on their PCs to securely protect

NEW Defa Security System The alarm system for every type of body electronic system Installation has never been easier! Finally a smart car alarm system that fits all vehicles CANbus technology is becoming

NSW POLICE FORCE Home Safe IS YOUR HOME SECURE? This brochure is intended to provide your household with the latest information regarding home security and break-in prevention. You will learn how to evaluate

Biometrics for payments The use of biometrics in banking Biometrics for payments Biometrics for payments The use of biometrics in banking The use of biometrics for authentication is nothing new. But historically,

USER GUIDE SYSTEM 3 SYSTEM 21 All references to System 3 apply to System 21 unless otherwise stated MAIN SYSTEM COMPONENTS Two Remote Transmitters Installed Control Unit Customising Wires Installed Protective

STRONGER ONLINE SECURITY Enhanced online banking without compromise Manage your business banking efficiently and securely Internet banking has given business leaders and treasurers greater control of financial

Message from the Ministry of Community Safety and Correctional Services The Ontario Association of Chiefs of Police (OACP) is conducting its first public education and awareness campaign on crime prevention.

AUTO SECURITY SYSTEM USER S OPERATION GUIDE FCC ID NOTICE This device complies with Part 15 of the FCC rules. Operation is subject to the following conditions: 1. This device may not cause harmful interference,

Stolen Vehicle Tracking and Monitoring Services Stolen Vehicle Tracking and Monitoring Services The ultimate protection for your vehicle with European coverage as standard* With more than 300,000 vehicles

TELEMATICS The Way To Strike Vehicle Crime Vehicle crime is a serious threat to a safe world. According to the Business Week, the most serious vehicle theft area is Europe. There are 340million cars by

Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started

An overview of the fraud threat to business, including the particular threat posed by electronic funds transfer fraud Every business is susceptible to fraud But some are more susceptible than others. That

Deterring Collector Car Theft Although hundreds of cars are stolen every day, automobile thieves usually target latemodel vehicles that can be disassembled and quickly sold for parts. Although more expensive

High technology theft-prevention systems have hit the automotive market full-force. Several manufacturers now offer antitheft protection integrated with the vehicle s PCM to prevent hotwiring the ignition

REDUCING CAR THEFT: HOW LOW CAN WE GO? Speaker: Organisation: Jennifer Davidson NRMA Presentation Title: The Insurance Role in Vehicle Theft Prevention When we talk about the cost of car theft on the Australian

Cobra Alarm Systems Your protection against theft automotive.vodafone.co.uk Vodafone ower to you Cobra Alarm Systems Vodafone Automotive is the supplier of many of the world s most advanced standard fit

DIY Friendly Easy Fit Range of Alarms 60% of burglaries attempted on UK homes fitted with burglar alarms are unsuccessful. Introducing the new Easy Fit range of alarms With decades of experience in residential

PROFESSIONAL SERIES Owner s Guide For Models: ca6554 Deluxe Vehicle Security and Remote Start System with 2 Way Confirming LCD Remote Control IMPORTANT NOTE: The operation of the Security and Convenience

Stolen Vehicle Tracking and Monitoring Services Stolen Vehicle Tracking and Monitoring Services The ultimate protection for your vehicle with European coverage as standard* With more than 300,000 vehicles

INTRODUCTION: REMOTE KEYLESS ENTRY SYSTEM RECEIVER DESIGN Remote keyless entry (RKE) has captivated automobile buyers, as evidenced by the popularity of RKE on new automobiles and as an aftermarket item.

Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many

TO BE PUBLISHED IN THE OFFICIAL REPORTS OFFICE OF THE ATTORNEY GENERAL State of California EDMUND G. BROWN JR. Attorney General OPINION No. 07-205 of November 8, 2007 EDMUND G. BROWN JR. Attorney General

FSA factsheet for All firms This factsheet is for: Senior management of small firms that handle, store or dispose of customers personal data in the course of their business. It explains: What you should

PCI Compliance for Healthcare Best practices for securing payment card data In just five years, criminal attacks on healthcare organizations are up by a stunning 125%. 1 Why are these data breaches happening?

Frequency Jamming 1 What is Jamming? Radio jamming is the (usually deliberate) transmission of radio signals that disrupt communications by decreasing the signal-to-noise ratio. Unintentional jamming occurs

4625-4627 USER MANUAL Summary 1. INTRODUCTION... 4 2. ARMING AND DISARMING THE SYSTEM WITH THE ORIGINAL VEHICLE REMOTE CONTROL OR WITH THE COBRA REMOTE CONTROL...4 3. ACTIVE FUNCTIONS (functions description)...5

esoft Technical White Paper: Who Needs Firewall Protection? "Without the protection of a firewall, which serves as a buffer between an organization s internal network and myriad external networks including

Why Cryptosystems Fail By Ahmed HajYasien CS755 Introduction and Motivation Cryptography was originally a preserve of governments; military and diplomatic organisations used it to keep messages secret.

Tractor and Agricultural Vehicle Theft and Security At NFU Mutual, we understand the needs of your business. If your tractor is stolen, we provide quality cover you can count on to get you up and running

Volume 5, Issue 4, 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A System for Car Accident

Protect your pride and joy with tracker STOLEN VEHICLE RECOVERY Car theft affects thousands of people each year, but the impact is wider than just losing your vehicle there are both financial and emotional

FLIP (Financial Literacy in Practice) February 2015 IDENTITY THEFT OVERVIEW This resource complements the material in Operation Financial Literacy. It has been written to address current issues which specifically

INSTALLATION MANUAL VEHICLE SECURITY SYSTEM CE-SS200 FUSION CULTURE TABLE OF CONTENTS There s no point doing something if no one notices. We ve always believed the way to make things happen is by getting

PROFESSIONAL SERIES CA 1050 Owner s Guide Vehicle Security and Keyless Entry System IMPORTANT NOTE: The operation of the Security and Convenience System as described in this manual is applicable to most

ICA Advanced Certificate in Cyber Security A professional qualification awarded in association with University of Manchester Business School An Introduction to the ICA Advanced Certificate In Cyber Security

Protecting Yourself Against Identity Theft Identity theft is a serious crime. Identity theft happens when someone steals your personal information and uses it without your permission. It is a growing threat